Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/7Io1Uuwlp4hPSaEBYmEGFKrG9nQ.roa
File: 7Io1Uuwlp4hPSaEBYmEGFKrG9nQ.roa (raw, json)
Hash identifier: B1IwFka1gkKO3yzRCp2THvBDT6eePwVYa70EBz3kAeM=
Subject key identifier: EC:8A:35:52:EC:25:A7:88:4F:49:A1:01:62:61:06:14:AA:C6:F6:74
Certificate issuer: /CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Certificate serial: 0184D29A90A8ACE6EAABB342991805870BFA
Authority key identifier: 47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/7Io1Uuwlp4hPSaEBYmEGFKrG9nQ.roa
Signing time: Fri 02 Dec 2022 11:30:55 +0000
ROA not before: Fri 02 Dec 2022 11:30:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52088
IP address blocks: 185.45.108.0/23 maxlen: 24
2a02:22f0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:90:a8:ac:e6:ea:ab:b3:42:99:18:05:87:0b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Validity
Not Before: Dec 2 11:30:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec8a3552ec25a7884f49a10162610614aac6f674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:2f:1a:0e:3d:76:2b:6c:2f:02:b7:2c:d4:
d8:eb:c0:81:e3:c3:12:1f:16:ed:23:16:23:00:4b:
9d:01:84:58:f4:ae:b8:e9:99:38:f7:93:fb:cb:ed:
72:fe:79:90:21:cb:0d:53:a1:fb:01:20:7c:c7:55:
83:9a:7f:08:b2:4b:e4:8f:fe:81:eb:f0:cf:e8:0a:
46:92:8b:6f:a7:2c:fc:e5:83:d2:3e:49:f2:8e:63:
4b:ae:a6:88:4a:c3:84:bd:83:8b:d4:af:cc:b4:09:
87:cd:7e:94:39:55:f6:50:b3:0c:16:d7:c4:31:6e:
50:8a:f1:a2:86:08:32:a1:bf:e6:c7:3d:b4:77:31:
f2:a6:f9:10:d3:f8:07:6b:c4:87:79:c4:db:cc:e8:
9d:ec:b0:bc:bc:83:5f:11:91:e6:df:df:ad:26:c2:
83:38:ba:9e:43:cd:ea:a9:97:69:56:c3:a1:59:16:
4f:ee:8d:0d:25:db:9b:1b:03:bc:2c:03:a3:ca:63:
57:43:3b:e2:2f:80:61:8f:5d:d0:6c:56:f8:b9:2f:
39:97:ea:f7:f6:4d:33:97:fe:54:3e:66:14:96:04:
bd:38:a4:9b:54:77:f3:16:e0:8e:e0:0a:38:e2:f8:
16:70:78:0a:cf:c0:eb:5c:92:ed:51:19:ea:b2:73:
9e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8A:35:52:EC:25:A7:88:4F:49:A1:01:62:61:06:14:AA:C6:F6:74
X509v3 Authority Key Identifier:
keyid:47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/7Io1Uuwlp4hPSaEBYmEGFKrG9nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/R2bG2a0hzUEYoESCZNb7NdVfFMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.108.0/23
IPv6:
2a02:22f0::/32
Signature Algorithm: sha256WithRSAEncryption
79:d3:a0:30:e1:30:30:e2:9d:10:d2:f8:09:c9:ec:26:fa:8f:
dc:71:a6:36:0b:e9:f8:82:dc:e0:89:be:11:2b:fd:5b:86:e5:
c9:fc:8d:3e:1d:fc:87:2b:7f:81:56:81:92:d7:06:a8:b2:eb:
61:6c:52:21:6d:31:f3:2b:af:e1:d8:24:67:c5:c6:7a:5f:2c:
8e:ef:2e:97:7c:b3:c3:91:14:9f:bc:df:ed:8a:c3:23:f0:5d:
d6:7a:12:e0:b2:69:d2:e2:80:6b:32:86:63:38:9d:05:0a:9e:
93:5a:94:95:2c:c8:5c:5e:b9:21:2a:18:5d:11:b6:19:db:03:
6e:d2:75:40:9f:f9:f3:9d:82:51:34:1a:be:4e:ff:7c:92:1d:
52:f6:38:55:e0:91:4b:1a:c3:e9:d4:d1:2d:95:59:f7:c9:26:
6a:17:8d:37:ae:b3:63:08:ce:fa:11:45:23:1e:07:1b:92:bc:
68:38:d0:21:01:6e:b5:f4:db:dd:e1:58:9e:6f:01:ab:ff:4a:
aa:0b:57:14:55:38:9f:79:a4:4b:a4:47:9a:00:78:6f:e2:3a:
d7:f9:01:bb:a3:e0:6e:0c:c9:2e:2c:ba:2c:51:f5:fe:0f:b5:
36:4e:61:7f:81:8b:43:d0:7c:ea:3f:67:d6:0c:b0:73:5e:af:
ca:f5:dd:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTSmpCorObqq7NCmRgFhwv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjZjNmQ5YWQyMWNkNDExOGEwNDQ4MjY0ZDZmYjM1ZDU1
ZjE0YzAwHhcNMjIxMjAyMTEzMDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhhMzU1MmVjMjVhNzg4NGY0OWExMDE2MjYxMDYxNGFhYzZmNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsIvGg49ditsLwK3LNTY68CB48MS
HxbtIxYjAEudAYRY9K646Zk495P7y+1y/nmQIcsNU6H7ASB8x1WDmn8Iskvkj/6B
6/DP6ApGkotvpyz85YPSPknyjmNLrqaISsOEvYOL1K/MtAmHzX6UOVX2ULMMFtfE
MW5QivGihggyob/mxz20dzHypvkQ0/gHa8SHecTbzOid7LC8vINfEZHm39+tJsKD
OLqeQ83qqZdpVsOhWRZP7o0NJdubGwO8LAOjymNXQzviL4Bhj13QbFb4uS85l+r3
9k0zl/5UPmYUlgS9OKSbVHfzFuCO4Ao44vgWcHgKz8DrXJLtURnqsnOekQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOyKNVLsJaeIT0mhAWJhBhSqxvZ0MB8GA1UdIwQY
MBaAFEdmxtmtIc1BGKBEgmTW+zXVXxTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMt
ZjVlYzQwM2ZkYWNmLzEvN0lvMVV1d2xwNGhQU2FFQlltRUdGS3JHOW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMtZjVlYzQwM2ZkYWNm
LzEvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuS1sMA0E
AgACMAcDBQAqAiLwMA0GCSqGSIb3DQEBCwUAA4IBAQB506Aw4TAw4p0Q0vgJyewm
+o/ccaY2C+n4gtzgib4RK/1bhuXJ/I0+HfyHK3+BVoGS1waosuthbFIhbTHzK6/h
2CRnxcZ6XyyO7y6XfLPDkRSfvN/tisMj8F3WehLgsmnS4oBrMoZjOJ0FCp6TWpSV
LMhcXrkhKhhdEbYZ2wNu0nVAn/nznYJRNBq+Tv98kh1S9jhV4JFLGsPp1NEtlVn3
ySZqF403rrNjCM76EUUjHgcbkrxoONAhAW619Nvd4ViebwGr/0qqC1cUVTifeaRL
pEeaAHhv4jrX+QG7o+BuDMkuLLosUfX+D7U2TmF/gYtD0HzqP2fWDLBzXq/K9d2m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:16 2024 by rpki-client on console-fra.rpki-client.org